UEFI bootkit

JD jd1008 at gmail.com
Wed Sep 19 23:43:19 UTC 2012


On 09/19/2012 05:00 PM, Alan Cox wrote:
>> The proper way to do this is to issue a unique key for each board
>> that has the private signing key included for the users who wish to
>> add personally signed software. Their key does not work on any other
>> machine, of course. Distros could sign their material. And if the user
>> wishes to recompile a kernel they can sign it with their own key and
>> still boot with it.
> While they made a right mess of it and IMHO tried to play ugly cynical
> games (and still are on ARM) the underlying concern isn't entirely bogus.
> The signing extends through the system including all the firmware. That
> means that the firmware you get is the firmware the vendor intended you
> to get which cuts out an interesting (and it seems growing) line of
> attacks based upon shipping people computers with trojaned firmware.
>
> Now given a lot of this will be built in countries that the USA doesn't
> trust, by people they don't trust I'm not sure what impact it will have
> on the really "interesting" uses of such technology, but it cuts out some
> stuff.
>
> And there is a real issue because as other security improves and systems
> with interesting stuff on become highly isolated, firmware attacks and
> shipping people "pre trojanned" systems into banks etc becomes a rather
> attractive attack model.
>
> Alan
What you say is indeed a very possible scenario, as the US has
lost a lot of friends recently, especially among the countries that
manufacture the high tech we buy.

The question I have is, can the buyer simply choose NOT to
use UEFI (i.e. blow it off the system) and boot any OS of choice
which will not insist on the presence of any UEFI?
I think the answer to this question is more important as it provides
an "opt-out" choice to the consumer.



